Bitcoin is the currency of the Internet: a distributed, worldwide, decentralized digital money. Unlike traditional currencies such as dollars, bitcoins are issued and managed without any central authority whatsoever: there is no government, company, or bank in charge of Bitcoin. As such, it is more resistant to wild inflation and corrupt banks. With Bitcoin, you can be your own bank.

Community guidelines

Do not use URL shortening services: always submit the real link.

Begging/asking for bitcoins is absolutely not allowed, no matter how badly you need the bitcoins. Only requests for donations to large, recognized charities are allowed, and only if there is good reason to believe that the person accepting bitcoins on behalf of the charity is trustworthy.

News articles that do not contain the word "Bitcoin" are usually off-topic. This subreddit is not about general financial news.

Submissions that are mostly about some other cryptocurrency belong elsewhere. For example, /r/CryptoCurrency is a good place to discuss all cryptocurrencies.

Promotion of client software which attempts to alter the Bitcoin protocol without overwhelming consensus is not permitted.

No referral links in submissions.

No compilations of free Bitcoin sites.

Trades should usually not be advertised here. For example, submissions like "Buying 100 BTC" or "Selling my computer for bitcoins" do not belong here. /r/Bitcoin is primarily for news and discussion.

Please avoid repetition — /r/bitcoin is a subreddit devoted to new information and discussion about Bitcoin and its ecosystem. New merchants are welcome to announce their services for Bitcoin, but after those have been announced they are no longer news and should not be re-posted. Aside from new merchant announcements, those interested in advertising to our audience should consider Reddit's self-serve advertising system.

Join us on IRC

Other Bitcoin sites

Download Bitcoin Core

Bitcoin Core is the backbone of the Bitcoin network. Almost all Bitcoin wallets rely on Bitcoin Core in one way or another. If you have a fairly powerful computer that is almost always online, you can help the network by running Bitcoin Core. You can also use Bitcoin Core as a very secure Bitcoin wallet.

We previously collected donations to fund Bitcoin advertising efforts, but we no longer accept donations. The funds already donated will be spent on some sort of advertising, as intended. As of now, 10.35799117 BTC was spent out of 22.51357574. If you have ideas for the remaining BTC, see here for more info.

Last night my dads house was broken into and his safe was stolen. The thieves simply threw a rock through his back sliding glass window, rummaged around in the house until they found the safe and dom hemingway'd it right off of the foundation it was bolted onto. Inside of his safe was an uncommonly large number of bitcoins (he is an early adopter) on a non password protected paper wallet. I am his technical prowess on how to save and secure his bitcoins and I felt like a complete failure for not setting him up with bip38 when i had the chance. I figured that setting him up with a wallet in his safe in house and a safety deposit box was enough. wrong. I got a panicked call at midnight last night saying his house was broken into and his safe was gone with all of the bitcoins in it. I have never felt so helpless in my life as the only other copy was locked away and the bank wouldn't open up for another 9 hours. The robbers had 9 hours to crack into it, figure out what the hell they were looking at( assuming he wasnt explicitly targeted)... and then transfer the bitcoins off into their own address. We were both sweating bullets and did not sleep at all (unsurprisingly). Luckily for my dad and I, they were either not successful cracking into the safe, didnt know what they were looking at or blew up the paper wallets inside trying to break into it. Either way this morning shortly after the bank opened i had the paper wallet in hand and was able to safely transfer the coins off into a fresh bip38. Moral of the story: Safes, however secure they may seem are not guaranteed to stay put. Please be extra careful if you store your coins at home.

Public service announcement: if anyone ever tries to torture you for your keys, they're going to kill you anyways. They'll wear masks and tell you you'll be set free, but have more incentive to dispose of the evidence (you) than risk capture for a lesser charge.

Split your funds between a multitude of paper wallets of varying denominations and only import as much as you need. This reduces the incentive and visibility. Though it does require a bit of extra effort to keep a unique BIP38 passphrase on each.

Generally speaking yes they are available and are useful, but with caveats.

Any fire-protective material, to the best of my knowledge (I'm not an expert or even an enthusiast), has a specification measuring how long it will protect against fire. Anything can be burned if you try hard enough.

Fire resistant materials are simply "very good" at reflecting heat away. Given long enough and a large amount of heat, the contents inside will be damaged.

Most "Fire Safes" are rated something like "UL 350 one hour". That means the safe can withstand extreme temperatures for 1 hour. A house fire is usually much longer than that.

Now, they do make ridiculously expensive safes that are rated UL 125 3 hours. Those are much better for protecting paper for a long period of time in a fire, but again - whole house fires are often longer than 3 hours.

But like I said - by all means get a Fire Safe. But I still highly recommend keeping your paper wallets in an additional off-site location. Better to buy 2 non-fireproof safes in 2 locations than to buy 1 "fire proof" safe and only have 1 copy.

And by the way ... this is the perfect use case for one of the greatest and most competitive features of Bitcoin that is rarely ever talked about: That you can literally have multiple backups of your wealth distributed all over the world. This has never existed in this form as far as I know.

It is something that we humans are going to have to come to grips with: with bitcoin, there are more ways than ever to lose your money. . . but also more ways than ever to safeguard it. Can our monkey brains expand fast enough to encompass the crypto-world that we are being thrust into?

Can our monkey brains expand fast enough to encompass the crypto-world that we are being thrust into?

No. Our brains are severally limited by natural selection. The human brain is just the combination of all the other primitive brains that came before, stacked on top of each other. (IE: recent human developments, stacked on monkey brain, stacked on lizard brain, etc)

Once real AI and the singularity come, humans will not be genetically capable of keeping up. We'll be implanting all the brain upgrades that machines invent for us, just to barely grasp the world changing things they'll invent.

If only there was some digital monetary convention that the masses could intuitively use without having to constantly worry about their money being irreversibly stolen. Something where you're issued a piece of paper, or perhaps a card that could fit in a wallet, that could be replaced if it was lost or stolen, and additionally helped prevent and reverse fraudulent spending.

You don't have to sell me on that idea. I've never been one to go around touting bitcoin as better in all ways than current payment systems. . . nor do I think that bitcoin will (or should necessarily) do away with the card payment systems (in fact I think it will do a lot of bitcoin users a lot of good to be able to integrate bitcoin into these systems).

But if you don't lay awake at night, even once, contemplating the possibilities of the things that can or might be done with cryptography and cryptocurrencies. . . .well, my friend, I think you just don't have much of an imagination, or you just haven't really wrapped your head around bitcoin yet.

If the ability to split up keys, requiring m-of-n authorizations, and further encrypting, and being able to back up those keys, to store in multiple locations, transact your balance effectively anonymously and with no intermediary to stop you, doesn't get you hot-and-bothered. . . I think you're in the wrong place.

The point is not to "stick it to the bankers." The point is to eliminate or at least reduce your exposure to counterparty risk. If it's an encrypted wallet and you've got backups stored at other secure locations, the counterparty risk is essentially nil.

If only there was some digital monetary convention that the masses could intuitively use without having to constantly worry about their money being irreversibly stolen. Something where you're issued a piece of paper, or perhaps a card that could fit in a wallet, that could be replaced if it was lost or stolen, and additionally helped prevent and reverse fraudulent spending.

Hmm, some day perhaps...

Sure, but the problem with fiat-denominated payment systems it that you can't prevent or reverse the fraudulent spending of the central bank. So some of your money (or the equivalent -- its purchasing power) will be "irreversibly stolen" through inflation. So you're not wrong that a traditional payment system has certain advantages over bitcoin, but they're not really responsive to the central value proposition of bitcoin which is the elimination of the need for a trusted intermediary / combining the reliable scarcity of gold with the transactional efficiency of a purely digital medium.

Credit cards aren't some great solution. What really happens is that your loss is just passed on to other people, usually store owners. That mixed with insurance, which is being offered by a few online wallets.

Sure, I'm not claiming it's impossible to secure Bitcoin, of course it is, I was just replying to a specific point that implied gold or cash was inferior or less secure than Bitcoin because in this case it would have been stolen.

Yes, Bitcoin is secure if you jump through enough hoops. That's one reason why most people use banks, though, to leave the hoop jumping to people with the time and expertise to do it properly.

the "security" of Bitcoin here was that the robbers didn't know what they had because almost nobody knows what Bitcoin is

And so long as that is the case, then that is still technically a benefit to securely storing bitcoins. With gold or cash, there is effectively zero chance that the thieves don't know it's value. . . .and once again, even though the significance escapes you: there is absolutely no possibility of backing up your gold or cash and keeping it in a separate location. You cannot BIP38 encrypt your gold or cash. You cannot split it into equal parts, which must come together in order to steal the funds. You don't even have a potential window of time in which you can digitally whisk away the value of that gold or cash, into another address, before the thieves get a chance to break the safe, or scan the QR code on your paper wallet.

The irony is the only reason the Bitcoins were not lost is an actual bank was used.

The other copy(s) of the private key could have been kept in any other separate location and would not have changed the outcome of this story.

I truly do not see what you and your little brigade are on about tonight. But you're very edgy and making me feel so balanced and neutral about bitcoin right now; whereas I'm normally a raging fanatic who's rabidly anti-banker. Thank you for setting us all straight.

You can't have a second copy of gold or cash. That's the point. The argument is not that bitcoin is better than gold or cash necessarily. . . it's that it gives you a set of tools to make it better than gold or cash, should you choose to be wise.

Yes, you have to be smart with bitcoin. . . in fact you have to be almost flawless, and think of many contingencies, otherwise you risk your money. Bitcoin is like fire; don't play with it or you get burned, but it can be extremely powerful and productive as well.

You can't have a second copy of gold or cash. That's the point. The argument is not that bitcoin is better than gold or cash necessarily. . . it's that it gives you a set of tools to make it better than gold or cash, should you choose to be wise.

Which is why keeping large amounts of gold or cash in your home is fucking stupid. We have banks for a reason, as expertly demonstrated by the OP.

You can still keep large amounts of gold or cash at a bank, same for bitcoin, you could keep those at a bank.

The thing to realize is that, with bitcoin, you at least aren't obliged to keep it at a bank, and it will be more secure than keeping gold or cash in your home (which is illustrated by OP's story). If done properly, it will even be more secure than holding gold at a bank, or anything for that matter.

My uncle had been burglarized. He had 2000 dollars emergency cash, gold and silver jewelry. When he was broken into, the police could do virtually nothing because the gold and gets melted down and the cash gets put away somewhere

I am his technical prowess on how to save and secure his bitcoins and I felt like a complete failure for not setting him up with bip38 when i had the chance.

Many more people have setup encryption and then forgotten the "never could forget it" keys. They don't tend to brag about their losses.

Plus, and especially now that you've described in on reddit and after seeing the coins moved that they almost got, when they come back it may be with a kidnapping in mind... and password protection is not necessarily the best tool there.

Not really sure why it is so difficult for people to use multiple wallets like this to trade off convenience and security. With Armory it only takes about 45 seconds to sign a offline transaction so level two (holding $30,000 worth in a multi-sig cold/warm storage scenario) is not that burdensome and would require two devices being compromised; one of them being completely cold which would be very difficult.

Level one would be sufficient security for people or institutions to be securing tens of millions of dollars worth.

Could you explain what is level one and 2 security? Not really sure what is meant by this.

For instance, if I'm at work and an awesome deal comes up, is there a way to purchase with bitcoin, while still maintaining some security? I'm thinking at least 1k need to bee ready for spending at any time

The difference between cold storage Armory (a computer that never has and never will be connected to the Internet) and Armory (a computer that is connected to the Internet) is where the level one and two security really gets ramped up in effectiveness. Combining cold storage multi-sig with fragmented backups empowers people to reduce the attack surface to a minuscule size. Then the attack vectors can be protected against with relative ease.

Level one (deep cold storage) would be several cold storage wallets on different offline computers having the seed split using fragmented backups and using those wallets making a multi-sig lockbox. If it was a 2-3 multi-sig lockbox and if you were using 3-5 for fragmented backups on each wallet then there would be a total of 15 pieces of paper and you would need 6 of those at a minimum (and the right six!) to reconstitute the all the private keys needed to move funds in the lockbox. This would provide enough security for most people to feel confident securing tens of millions of dollars worth of bitcoins.

If you are at work and only have your mobile phone for you wallet then it will be difficult to maintain a good security profile. Nevertheless, the actual risk is not like a 30% probability of compromise per day. Thus, for many people level three or four would be fine for $1,000 of bitcoins. You just have to consider it like your physical wallet; how much are you willing to lose and what do you think the probability of occurrence is?

How would you categorize Trezor when used with a secret passphrase? That feels like Level 1 to me.

I have two Trezors. Anyone can take my main one and they will never have access to my BTC. I keep my backup as a clone of the first. (And if that is lost, I keep my 24 word seed encrypted in a private cloud. And that requires my passphrase to reconstruct in Wallet32.)

My secret passphrase is a long random sequence of words, and the PIN for the Trezor is also a long random sequence of numbers.

This is really something that should have been prepared for in advance. The damage is done and likely cannot be repaired short of moving with a solid privacy plan implemented.

Most likely the house is titled in the father's name which means even if he moves the bad guys would likely be able to track him down (you mainly have AML/KYC laws to thank for that!). But then he would likely not be the target anyway... OP, got kids?

This is one reason for having the house titled in the name of a New Mexico LLC and having ghost addresses properly setup in advance.

It's unlikely they would hit the same house again unless it was a substantial (30btc in a lousy neighborhood or 80btc in a nice area) amount. Its common knowledge that after a break in the homeowner will be more cautious and up the security measures.

Your story makes me want to install a gps tracker inside my safe - in a case like yours that would have let you find where they went. (going a step further to hide the gps inside so it's not found when the safe is cracked would be even better as they wouldn't realise they are tracked)

Of course, yeah, but given that they weren't sophisticated enough to realize what they had immediately, they might be dumb enough to dump them directly somewhere linked to their bank account...assuming they have a bank account.

Even better would have been scoping localBTC to see if someone was trying to sell a bunch locally and set up a face-to-face, then check the keys.

Very nice job on storing copies in multiple locations. It seems like you already learned your lesson to encrypt the wallets. The only other suggestion I have is to use multiple storage mediums. In each storage location, keep a copy on both paper and a flash drive. Or engraved in metal, etc.

These days, home invaders won't know what they're looking at even if a private key is staring them in the face. Eventually, however, every criminal will know what bitcoins are and when they find an unencrypted private key in a paper wallet in a house or on a USB, they'll think "Jackpot!"

Soon on /r/whatisthisthing: "I got this safe from... um... my 'dead uncle'. Anyway, the only thing in it were these papers with a bunch of random letters and numbers. They must be important if, um, 'he' got a safe just for that. Maybe they are some kind of code?"

Make sure to keep an unencrypted version stored somewhere, even if it's split up using Shamir's Secret Sharing. Imagine if your dad forgot his BIP38 password... much easier and more likely than someone breaking into his house and stealing his safe.

I haven't heard of a foolproof method, but splitting it up into some kind of m-of-n scheme using Shamir's Secret Sharing could add some redundancy. How you store and distribute the n pieces would define the overall security of the scheme.

Make sure you avoid losing it, but don't go crazy over its security. The point is you're adding a second point of failure that won't be easy for physical thieves, and will therefore buy you ample time to transfer the funds.

You could just keep it in LastPass, or use the same password you use for your bank, or store it as a QR code called grandma.jpg and put it in dropbox, or write it in sharpie on the inner door of your fusebox, etc.

What I did was choose a weak (but not obvious) BIP38 password and thoroughly memorized it, then made sure the paper wallets were hard to find even if I was robbed.

The code can be independently audited and built by anyone who has the time and resources available. Then they can publish a hash of the build, signed with their PGP key. You can then ensure that your hash matches this hash before installing. What isn't to trust?

But a way to get a reasonable level of trust is to build it from a bunch of component parts which come from multiple unrelated parties.

With Bitcoin, we should not think like we're used to with cash and other barbarous relics.

Why not hide your private key among bunch of very boring papers (electric bills, etc...) or even better, inside so boring pictures of your dogs, family etc... with steganography.
The possibilities are endless

I have always been confounded by Andreas' suggestion to put your paper wallets in a safe in your house. Half of them can be picked up and carried out. The others which are bolted down are not much more secure. Put your paper wallets in a bank safe deposit box. And bury a copy in the ground somewhere. In a watertight box. Make sure you use the encrypted paper wallet option.

Plot twist: The burglars who stole the safe did break into it quickly and then figured out what the paper inside is, perhaps by sending photos of it it to another close and trusted colleague who quickly explained to them roughly what they're dealing with. They looked up the address, realized how much money they have on their hands, and, without completely understanding how Bitcoin works and not thinking much of it, being high on the idea that they are now rich, immediately started partying, took pictures of each other holding the loot, then late in the night each of them went home. Late in the day when they sobered up each of them looks up the address again and finds out that all the money is gone. It's all gone, transferred while they were still sleeping. Now each of them starts suspecting their otherwise well trusted partners in crime (was it the guy who held the wallet overnight, was it the guy who made sure everyone else got inebriated by providing large amounts of booze, was it the only guy who knew what Bitcoin was who was asked to help identify the loot, was it the guy with the idea to take all those pictures). They even find out about this topic and suspect that it is a deliberate disinformation campaign by one of their partners, perhaps even in collusion with the real victims or the police who have made a secret deal in exchange for part of the money. They turn on each other and now you have a bunch of criminals dead set on "getting their cut back" or seeking revenge.

I'll leave the rest to your imagination or to the next real plot twist when you read about it in the newspaper or something like that.

You could create cold storage multi-signature lockboxes using public keys from multiple wallets. These lockboxes could be anywhere from 1-1 to 7-7. 2-3 should be sufficient for most use cases.

The wallets could have the seed, from which all of the private keys can be reconstituted, could be split up using Fragment Backups (Shamir's). 8-12 is the max; using 3-5 should be sufficient.

Then you could have the component parts adequately distributed so even if one (the safe - containing multiple but not fully sufficient parts of each component wallet) or more were to be compromised it would not compromise the private keys.

What? There is nothing wrong with BIP 38. I would argue 'keep it simple' as possible. BIP 38 wallets in several locations with a decent pass phrase will be plenty secure. I could send you my BIP 38 wallets right now, you're going to crack my 30+ character pass phrase? I don't think so. And what about my non-computer genius wife when I get hit by a bus? "Dear wife, i have 7 armory multi-sig wallets scattered throughout the globe, good luck". I have her and my kids trained to use BIP 38, it's secure and a nobrainer.

With BIP 38 the private key is still reconstituted at a single point and time. That opens up an attack surface and major attack vector. Plus, you have address reuse issues.

An Armory backup is not much more work and gives a lot more benefit since the seed lets you reconstitute the entire wallet and helps protect against address reuse.

And multi-sig lets you have multiple wallets all running on independent machines with their own security profiles.

As for a 'non-computer genius wife' .... I think you are likely underestimating her ability to learn some basic cryptography and how to recover the funds. Additionally, I have found women very open to learning how to hold their own private keys to become more empowered plus it only takes a few hours. They might even make you dinner for doing so; just do not have too much wine before or you may get distracted too easily!

Not really, but I do think it's very easy to adequately secure an HD wallet seed and store it online and offline just about anywhere. Example:

Electrum gives you what, a 12 word seed? Split it in two and put each half into seemingly random emails or photos/docs attached to emails together with a word or term that you can search for later. You can forward the emails all over the place and no one is going to discover the seed.

Or just encrypt the actual wallet with a decent password (which would be e.g. a hash of a so-so password!). Look at stealmywallet.com, for example, adequately encrypted and perfectly safe.

This is why I don't get why people are so into paper wallets that can be seized or stolen (or burn up) or whatever. I use cold storage, but just save the jpg of the paper wallet and encrypt it with PGP and have it stored in various places. So much safer than a piece of paper. You might as well just hold cash.

Someone could blow up the bank with a nuclear bomb or somehow get into the safety deposit boxes. Who knows. You want it in multiple places, as he had. The only thing he did wrong was to not have encrypted paper wallets.

Is it possible that you end up receiving funds with that address at some point in the future since it's now part of your Blockchain wallet? It's not actually swept but rather imported? I don't use them much anymore but if I recall correctly there was an archive function for addresses you no longer want to use. I'd recommend archiving that address since someone else now has the private key, whether they realize it or not. Or just burn the blockchain account completely. This thought had crossed my mind in the past since I've used the same feature but i also destroyed the paper wallet so it wasn't as much of a concern as it may be to you.

Glad the BTC was kept safe. Sounds like 2-of-3 multisig is the way to go next time.

But come on... "your dad" is an early bitcoin adopter, but you're the one "with the technical prowess"? Anyone who got in before ~$50 has to have had some non-trivial skills just to be able to buy and use BTC properly. This skill level would almost certainly include the ability to make safe paper wallets.

Well whatever, all's well that ends well. The bigger concern is that someone had enough knowledge about "your dad's" safe to come prepared with tools to detach it from the foundation. That's the deeper concern here. Stay safe.

This story actually increases my confidence in Bitcoin. They stole that safe in vain, since with Bitcoin you still have a chance to transfer the money before the thief does. And with BIP38 it's even more secure.

Excellent outcome with a story fitting for a thriller, and of course, with a great message.
This is one of the things bitcoin must over come if adoption is to continue into the main stream. I doubt the average person can bip38.

Why people keep using old conceptions to secure conceptually new stuff? Putting gold in a safe I understand. But with bitcoin there are so much better ways to protect them against both theft and losing them.